raito
4ea20c9a96
chore: connect terraform to the hive
...
This way, we can autogenerate records for storage and builders nodes by
reading directly the configuration.
This makes evaluation of `nix run .#tf` slower, but this makes things
more safer and easier, so it's good.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-23 19:40:33 +01:00
raito
349206de12
chore: introduce finer-grained baremetal management
...
for multiple roles such as storage or builders.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-23 19:40:33 +01:00
raito
f4588aff2b
feat: listen on Gerrit events and rewrite them as generic VCS events
...
This introduces the private SSH key for Gerrit event streaming.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-16 01:25:53 +01:00
raito
90038e80a2
fix: do not propagate rabbitmq-password to all nodes
...
This was a mistake.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-16 00:25:54 +01:00
raito
665a750e35
chore: fix vhost and username for ofborg
...
Username and vhost creation are out of band and manual.
$ cd /var/lib/rabbitmq
$ sudo -u rabbitmq rabbitmqctl create_user ofborg $pwd
$ sudo -u rabbitmq rabbitmqctl set_permissions ofborg '.*' '.*' '.*'
Here's a simple way to reproduce that setup on the RabbitMQ server.
Doing better will require the Vault server which will come soon anyway.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 18:19:49 +01:00
raito
ab998c8fb9
chore: bump ofborg
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 17:25:42 +01:00
raito
bb7d5c1c7d
chore: re-encrypt rabbitmq password
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 17:25:35 +01:00
raito
eaee10ec70
chore: bump ofborg
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
df0bd6b4eb
feat: introduce statcheck worker
...
Status & checks RPC & event queue.
The status & checks is set by the rest of OfBorg, the web service needs
to be exposed.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
c007bbeeb9
feat: introduce ofborg gerrit streamer
...
This pipes events from Gerrit into the whole AMQP broker and enable all
the system to react to VCS changes.
We need a filter to transform raw Gerrit events into ofBorg specific
events that we will continue to send in the system.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
c1cb1ffcad
feat: update ofborg
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
4fe922bcd0
feat: introduce ofborg mass rebuilder
...
With Gerrit support.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
adb78e633c
feat: introduce ofborg pastebin service
...
The web service is not available yet.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
ebdb7c8aef
fix: introduce the newest branch of ofborg
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
9051ce73c6
fix: disable IPv4 on amqp.forkos.org
...
Otherwise, the renew fails all the time!
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
8fa0e5abe3
feat: introduce ofborg stats
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
47b713ca58
feat: introduce ofborg builder
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:45 +01:00
raito
436882c3eb
fix(services/vault): proxy pass to the local vault server web port
...
Oopsie, forgot that commit.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:11 +01:00
raito
14f5bc10a1
chore(pkgs/openbao): 2.0.2 -> 2.1.0
...
https://openbao.org/docs/release-notes/2-1-0/
https://openbao.org/docs/release-notes/2-0-0/#203
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:42:48 +01:00
raito
a4d4ff8041
feat(build-coord): enable first Vault instance on it
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:30:21 +01:00
raito
2c4e60760f
feat: introduce a Vault module for secrets management
...
Via a fork of the Linux Foundation, called OpenBao.
The module supports high availability but we only have one node for now.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 21:49:44 +01:00
raito
dc23bb7054
feat: introduce awareness module for WAN addresses
...
Introduce a data-only module to perform abstraction on the deployment,
we use it for WAN for now.
The usecase is service discovery for simple cases.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 21:47:53 +01:00
raito
84899b48ea
feat(channel-scripts): support push to git and automatic cleanup of failed streaming
...
Now, we won't pile a bunch of failed streaming attempts and this will
automatically push to git.
Credentials are left to be done for the push to actually work.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 19:06:47 +01:00
raito
c3b1a3d1da
feat(gerrit01): upgrade to Gerrit 3.10.3
...
And monitor the performance situation as always.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 17:13:18 +01:00
raito
980709cc02
chore(ows): remove Raito personal sandbox branches
...
I am not using those branches anymore, we can remove them.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 14:42:22 +00:00
raito
112f60afd1
feat(ows): support moving away onewaysync
...
We are running into too many out of disk space situations with OWS on
the main disk.
This way, we can reuse the Gerrit disk for all that data, which
hopefully, is quite shared with Gerrit.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 14:42:22 +00:00
raito
879292aa9e
chore: bump everything
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 15:17:29 +01:00
raito
e912796992
fix(buildbot): use builder-4 for forkos buildbot instance
...
Since 070d97fd
, we have shut down builder-4.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 15:17:22 +01:00
Yureka
070d97fdf1
adjust builders list
2024-12-09 10:46:03 +01:00
Yureka
2e7a702c28
adjust builder assignments
2024-12-09 10:28:20 +01:00
Ilya K
cae763e8dd
ofborg: enable nginx for certs
2024-11-17 14:48:08 +03:00
Ilya K
4f1378937f
Disable nixos-option, it breaks
2024-11-17 14:39:25 +03:00
Ilya K
7e3074a769
Update everything again
2024-11-17 14:39:19 +03:00
Ilya K
3182a036c0
chore: bump everything
2024-11-12 23:42:51 +03:00
Ilya K
54e8282aac
fix: use promtool to verify rules, fix format
2024-11-12 23:21:30 +03:00
Ilya K
41be8dc170
fix: pin pyroscope to go 1.22
2024-11-12 23:16:46 +03:00
Ilya K
b08330c42b
fix: allow insecure netbox
2024-11-12 22:52:11 +03:00
Ilya K
268422f653
fix: update grapevine to build with current nixpkgs
2024-11-12 22:49:33 +03:00
Yureka
4e03cf2309
increase zram on build-coord
2024-11-04 08:48:40 +01:00
Yureka
00a5d373f3
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/e2f08f4d8b3ecb5cf5c9fd9cb2d53bb3c71807da' (2024-10-05)
→ 'github:NixOS/nixpkgs/7ffd9ae656aec493492b44d0ddfb28e79a1ea25d' (2024-11-02)
2024-11-04 08:46:51 +01:00
Yureka
ec93c94e7e
revert default shell to bash
...
zsh is unbearably slow on some machines
2024-10-30 13:29:27 +01:00
raito
f56576d644
fix: add util-linux in git-gc-preserve
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-28 12:07:54 +01:00
raito
1ae3d7c396
chore: move to forkos branch for buildbot
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-28 12:07:06 +01:00
raito
cca8156e52
Revert "chore: move to faster-depinfo branch for Buildbot"
...
This reverts commit 7df7eaeb9b
because
there was a missing intersection in the code and this broke Buildbot
entirely by exhausting all the resources.
2024-10-27 22:01:34 +01:00
raito
7df7eaeb9b
chore: move to faster-depinfo branch for Buildbot
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-27 19:39:18 +01:00
Kiara Grouwstra
5ae71fff99
chore: add lorri to prevent direnv from blocking, closes #147
2024-10-27 09:42:11 +00:00
raito
02f8bc7ca4
chore(o11y): filter by tenancy on node_exporter
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:37 +02:00
raito
e0c029ba43
fix: make all buildbot postgres faster
...
work_mem was effectively absurdly low.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:24 +02:00
raito
3ed36f74fd
onboarding: add pennae keys on lix infra
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:06 +02:00
raito
b1f4674da0
chore: add tenancy in postgres
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:06 +02:00